Earlier in my career, I joined a team that did leading-edge work to help utilities maintain, operate and restore their aging electrical systems in the face of frequent natural hazards. We enabled some of the largest North American utilities to improve reliability, restore systems faster and rethink organizational and system design to reduce operational risk. It worked—they survived the likes of Sandy, Maria and Ike.
With utilities now facing complex challenges around security, climate change and an increasingly dynamic grid, we must reimagine an architecture that’s safe, reliable and secure. And we can’t just glue together new appliances or bolt after-market solutions onto an already complex system. Working in cross-functional teams, we must fundamentally rethink and rearchitect to prepare for coming storms—natural and manmade.
On the electric asset side, we need to think about more than how to defend the bulk electric system against an attack. Let’s figure out how to build it so it breaks more efficiently during an operational technology (OT) attack. Just as we prepare for natural hazards by placing line breaks and hardening substations, we need to do the same for crank paths for an OT attack. We need to be asking: “What can we do—in the design of electrical systems—to make it easier to restore integrity of the grid and OT together?”
On the technology side, we need to examine the entire system. The key question should be: “Do we have the right architecture in place?” (not: “Are we meeting the right standards?”). Too few utilities are looking closely at the architecture of T&D system technology. And too few are thinking about the two- or three-dimensional models the way an adversary thinks about them. Rather than adding new, shiny objects to defend systems, we should be finding ways for them to “break” or isolate effectively when one occurs.
How can we make it happen? I see three imperatives:
1. Rethink ownership of the security challenge
While there are a variety of technology solutions that promise elusive fixes for inherently insecure systems, security is not a “technology” problem. Electric systems were designed to be safe and reliable; both the grid and its OT need to be architected to be safe and secure. Organizationally, it’s time to rethink how we govern security, and start transferring some ownership to operating units.
2. Reimagine how technology and electric assets are maintained together
At the DistribuTECH conference earlier this year, I encountered many vendors with amazing security products for defending OT systems and grids—including solutions that pair threat intelligence with OT asset discovery. To me, the real value of these solutions is asset discovery because it provides a basic yet vital understanding of which assets are on your system. After all, you can’t defend (or maintain) what you don’t know is there.
The next logical step? Pair that technology asset intelligence with electric asset information to help technology and asset teams gain situational awareness, manage assets more efficiently and communicate better during emergencies. It will also allow teams to model risk scenarios that support better risk management and bolster arguments for enhanced spending during rate cases.
3. Prepare technology and grid teams to respond to a disaster together
Our adversaries are assembling formidable teams (not just technologists) to identify weaknesses in utilities’ systems of systems. They’re not doing it for fun; they’re doing it because their leaders want to disrupt society and your power. How can teams work hand-in-glove not only to restore IT systems but also to repair and replace OT systems in the field alongside the transmission and substation crews that will be restoring load? Although the United States has pushed hard to make “storm response” an all-hazards, enterprise-wide response, too often the technology side of the house isn’t properly engaged. It’s time to close those gaps and work across IT, OT and transmission and distribution to respond to expected OT cyber incidents.
On that team I joined years ago, working across a utility’s enterprise was critical to success. This is no different. Addressing OT challenges requires enterprise commitment and engagement. Security isn’t just the chief information security officer’s problem—it’s everyone’s risk and responsibility.